wechat-binding

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a standard QR-based authentication flow for WeChat binding. It includes explicit instructions for the AI agent to avoid credential exposure by specifically forbidding the echoing of the 'bot_token' in chat responses.
  • [SAFE]: The skill documentation follows best practices for tool interaction, including requiring user confirmation for destructive actions like 'disconnect' and avoiding excessive polling of upstream APIs.
  • [SAFE]: No unauthorized external network calls, remote code execution patterns, or obfuscation techniques were found. The skill operates within the scope of its described purpose using built-in agent capabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
May 28, 2026, 02:34 AM
Security Audit — agent-trust-hub — wechat-binding